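// and tags, that's why we emit different headers here than on serendipity_admin.php

    // NOTE(review): the statements down to the closing brace below are the tail of a block
    // that opens before this excerpt. They are reproduced unchanged.

    // Restore the GET/POST variables saved in the session so that dependent plugins inside
    // the iframe can still fetch all of them. This also tightens security, because no other
    // GET/POST variables from the current request are passed on to the iframe.
    // $iframe_mode is read first and is therefore the one request-supplied value that still
    // reaches serendipity_iframe(). NOTE(review): confirm that it is validated there.
    $iframe_mode = $serendipity['GET']['iframe_mode'];
    $serendipity['POST'] = &$_SESSION['save_entry_POST'];
    $serendipity['GET'] = &$_SESSION['save_entry_POST']; // GET-Vars are the same as POST to ensure compatibility.
    $serendipity['hidefooter'] = true;
    ignore_user_abort(true);
    echo serendipity_iframe($_SESSION['save_entry'], $iframe_mode);
    return true;
}

// Persist the no_smarty flag in the session when it is present in the request or in $serendipity.
// NOTE(review): the GET flag is accepted from any request and then sticks for the whole session.
if (isset($serendipity['GET']['no_smarty']) || isset($serendipity['no_smarty'])) {
    $_SESSION['no_smarty'] = true;
}

// The backend counts as installed only when both status constants are exactly true.
$admin_installed = (defined('IS_up2date') && IS_up2date === true && IS_installed === true);

$is_logged_in = serendipity_userLoggedIn();

// Short "logged in as ..." line for the template; the user name is HTML-escaped here.
if ($is_logged_in) {
    $self_info = sprintf(
        USER_SELF_INFO,
        htmlspecialchars($serendipity['serendipityUser']),
        $serendipity['permissionLevels'][$serendipity['serendipityUserlevel']]
    );
} else {
    $self_info = '';
}

// Layout switches: the mere presence of the parameter (GET or POST) turns the element off.
$no_banner  = (isset($serendipity['GET']['noBanner']) || isset($serendipity['POST']['noBanner']));
$no_sidebar = (isset($serendipity['GET']['noSidebar']) || isset($serendipity['POST']['noSidebar']));
$no_footer  = (isset($serendipity['GET']['noFooter']) || isset($serendipity['POST']['noFooter']));

// Installer/upgrader takes over when the path is not configured or either status constant is false.
$use_installer = (!isset($serendipity['serendipityPath']) || IS_installed === false || IS_up2date === false);

// Read the posted action only if it exists. The template still receives null when it is
// absent, but without the undefined-index notice.
$post_action = isset($serendipity['POST']['action']) ? $serendipity['POST']['action'] : null;

$main_content = '';

// Several paths below leave the switch without assigning a section title (permission denied,
// 'logout', 'event_display', missing checksum file) and the switch is skipped entirely when
// nobody is logged in. Initialise it so the later read is always defined.
$admin_section = null;

if (!$use_installer && $is_logged_in) {
    // adminModule may arrive via POST; normalise it into GET so the switch has one source.
    if (!isset($serendipity['GET']['adminModule'])) {
        $serendipity['GET']['adminModule'] = (isset($serendipity['POST']['adminModule']) ? $serendipity['POST']['adminModule'] : '');
    }

    // Everything the modules print is captured and handed to the template as main_content.
    ob_start();

    // The return value of serendipity_checkXSRF() is not used, so dispatch continues whatever
    // it reports. NOTE(review): confirm that state-changing modules validate their own form
    // token before acting.
    serendipity_checkXSRF();

    // Dispatch on fixed literals only: the include paths are constants, the request value
    // merely selects a case. A failed permission check leaves the case with no output.
    switch($serendipity['GET']['adminModule']) {
        case 'installer':
        case 'configuration':
            if (!serendipity_checkPermission('siteConfiguration') && !serendipity_checkPermission('blogConfiguration')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/configuration.inc.php';
            $admin_section = CONFIGURATION;
            break;

        case 'media':
        case 'images':
            if (!serendipity_checkPermission('adminImages')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/images.inc.php';
            $admin_section = MEDIA;
            break;

        case 'templates':
            if (!serendipity_checkPermission('adminTemplates')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/templates.inc.php';
            $admin_section = MANAGE_STYLES;
            break;

        case 'plugins':
            if (!serendipity_checkPermission('adminPlugins')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/plugins.inc.php';
            $admin_section = CONFIGURE_PLUGINS;
            break;

        case 'users':
            if (!serendipity_checkPermission('adminUsers')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/users.inc.php';
            $admin_section = MANAGE_USERS;
            break;

        case 'groups':
            if (!serendipity_checkPermission('adminUsersGroups')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/groups.inc.php';
            $admin_section = MANAGE_GROUPS;
            break;

        case 'personal':
            if (!serendipity_checkPermission('personalConfiguration')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/personal.inc.php';
            $admin_section = PERSONAL_SETTINGS;
            break;

        case 'export':
            if (!serendipity_checkPermission('adminImport')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/export.inc.php';
            $admin_section = EXPORT_ENTRIES;
            break;

        case 'import':
            if (!serendipity_checkPermission('adminImport')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/import.inc.php';
            $admin_section = IMPORT_ENTRIES;
            break;

        case 'entries':
            if (!serendipity_checkPermission('adminEntries')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/entries.inc.php';
            $admin_section = ADMIN_ENTRIES;
            break;

        case 'comments':
            if (!serendipity_checkPermission('adminComments')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/comments.inc.php';
            $admin_section = COMMENTS;
            break;

        case 'category':
        case 'categories':
            if (!serendipity_checkPermission('adminCategories')) {
                break;
            }

            include S9Y_INCLUDE_PATH . 'include/admin/category.inc.php';
            $admin_section = CATEGORIES;
            break;

        case 'logout':
            // A second, identical 'logout' case further down was unreachable and has been dropped.
            echo LOGGEDOUT;
            break;

        case 'event_display':
            // NOTE(review): unlike the module cases above, this branch has no
            // serendipity_checkPermission() call, and the hook name suffix is taken directly
            // from the request (adminAction). Every logged-in user can therefore reach any
            // plugin listening on a backend_sidebar_entries_event_display_* hook, so each
            // such plugin has to enforce its own permission check.
            if ($serendipity['no_create'] !== true) {
                serendipity_plugin_api::hook_event('backend_sidebar_entries_event_display_' . $serendipity['GET']['adminAction'], $serendipity);
            }
            break;

        case 'integrity':
            // NOTE(review): no serendipity_checkPermission() call guards this case either.
            echo '

' . INTEGRITY . '

';
            $badsums = array();

            // Without a readable, non-empty checksum list there is nothing to verify against.
            if (!is_readable(S9Y_INCLUDE_PATH . 'checksums.inc.php') || 0 == filesize(S9Y_INCLUDE_PATH . 'checksums.inc.php') ) {
                echo ' ' . CHECKSUMS_NOT_FOUND . '';
                break;
            }

            $badsums = serendipity_verifyFTPChecksums();
            if (count($badsums) == 0) {
                echo ' ' . CHECKSUMS_PASS . '';
            } else {
                // NOTE(review): as shown here, the failure branch prints an empty string, so
                // the entries in $badsums are never reported to the administrator. The
                // markup may have been lost in extraction; confirm against the original file.
                echo '';
            }

            $admin_section = INTEGRITY;
            break;

        default:
            include S9Y_INCLUDE_PATH . 'include/admin/overview.inc.php';
            $admin_section = ADMIN_FRONTPAGE;
            break;
    }

    $main_content = ob_get_contents();
    ob_end_clean();
}

if (!$use_installer) {
    // Expose the listed local variables to the template by reference ('title' is created
    // here, since no $title exists before this point).
    $poll_admin_vars = array('main_content', 'no_banner', 'no_sidebar', 'no_footer', 'post_action', 'is_logged_in', 'admin_installed', 'self_info', 'use_installer', 'title');
    $admin_vars = array();
    foreach($poll_admin_vars AS $poll_admin_var) {
        $admin_vars[$poll_admin_var] =& $$poll_admin_var;
    }

    $admin_vars['out'] = array();
    $admin_vars['no_create'] = $serendipity['no_create'];
    $admin_vars['title'] = $admin_section;

    // Only disclose the installed Serendipity version and the PHP version in the footer
    // when expose_s9y is enabled; otherwise both placeholders are filled with ''.
    if ($serendipity['expose_s9y']) {
        $admin_vars['version_info'] = sprintf(ADMIN_FOOTER_POWERED_BY, $serendipity['versionInstalled'], phpversion());
    } else {
        $admin_vars['version_info'] = sprintf(ADMIN_FOOTER_POWERED_BY, '', '');
    }

    if (!$serendipity['smarty']) {
        serendipity_smarty_init();
    }

    $serendipity['smarty']->assignByRef('admin_vars', $admin_vars);
    $serendipity['smarty']->display(serendipity_getTemplateFile('admin/index.tpl', 'serendipityPath'));
} else {
    // NOTE(review): if $use_installer is true only because serendipityPath is unset (both
    // constants true), neither branch assigns $file and the require below receives the bare
    // include path. Confirm which script is intended for that state.
    if (IS_installed === false) {
        $file = 'include/admin/installer.inc.php';
    } elseif ( IS_up2date === false ) {
        $file = 'include/admin/upgrader.inc.php';
    }

    require(S9Y_INCLUDE_PATH . $file);
}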